TPX - Session ManagementVman Session Management for z/OS
Issue/Introduction
Is TPX impacted by Java-based vulnerabilities? For example: Pivotal Spring Data REST and Spring Boot Vulnerability (CVE-2017-8046) Pivotal Spring Framework Vulnerability (CVE-2018-1270)
Environment
CA TPX for z/OS
Resolution
CA TPX is assembler based and does not contain any 3rd party software. Thus, this does not affect TPX directly.
However, we cannot speak for TCP/IP, TN3270 Server and Client products customer may have. Spring Framework is common 3rd party software used by Java based products. You should verify this with the vendors of your TN3270 clients that are used to access CA TPX.